JaffaCakes118_2001de506d5812ed8bb8a153cc7bdc94

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_2001de506d5812ed8bb8a153cc7bdc94
Size

226KB
MD5

2001de506d5812ed8bb8a153cc7bdc94
SHA1

c96f95a7439dad770aaa42ab43673df4e0355cd9
SHA256

21595ff149b021e25ed2f51e78b4048fbb7ba386f7551a23b5859ac8e9d6748e
SHA512

6c0a0ea0f0e6b4b87995ba7027a352f313a26fa66ff663dade86a97f8cf37e67d1ef94e89a938ae967a96c024c57819e54dbfa71e851bac0fe55031cb8a0a6a9
SSDEEP

6144:/9E2EyMnAV0LDZGQFx+X0EnSj4esY7GFhQ+xnvZpn:/9sf1LNrE0ESsm7GXpvHn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_2001de506d5812ed8bb8a153cc7bdc94

Files

JaffaCakes118_2001de506d5812ed8bb8a153cc7bdc94
.exe windows:4 windows x86 arch:x86

520de3fb511f1d19403994cba3a7af06

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFile
ConnectNamedPipe
lstrcat
InitializeCriticalSection
GetModuleHandleA
GetCurrentThread
CopyFileA
WaitForMultipleObjects
GetSystemDefaultLCID
FindAtomA
GetModuleHandleA
GetTempFileNameW
BeginUpdateResourceA
IsBadStringPtrW
GetProcAddress
CreateMutexA
CreateDirectoryW
FileTimeToLocalFileTime
GlobalFindAtomW
AddAtomA
lstrcmpi
GetLogicalDriveStringsA
GetShortPathNameW

user32

ShowCaret
DialogBoxParamW
SendDlgItemMessageW
keybd_event
GetMenuItemID
CharUpperW
DefWindowProcA
GetClassInfoExA
DestroyMenu
CopyRect
MessageBeep
GetSysColorBrush
CharNextA
SendMessageW
WinHelpW
RegisterWindowMessageW
FindWindowW
GetMenu
CopyIcon

gdi32

CreateScalableFontResourceA
CreateFontA
CreateBitmapIndirect
CreateRoundRectRgn
DeleteObject
CreatePatternBrush
CreateSolidBrush
SetMetaFileBitsEx
CreateEllipticRgn
CreatePen
GetStockObject
StretchDIBits
CreatePalette
CreateDIBSection
UpdateICMRegKeyW
GetMetaFileW
RemoveFontResourceA
TranslateCharsetInfo

comdlg32

PageSetupDlgA
FindTextA
PrintDlgW
PrintDlgA
ChooseFontA
FindTextW
GetOpenFileNameA
ChooseFontW
GetFileTitleW
GetSaveFileNameA

crypt32

CertComparePublicKeyInfo
CryptGetOIDFunctionValue
CryptMsgOpenToEncode
CertFreeCertificateChainEngine
CryptEnumKeyIdentifierProperties
I_CryptAddRefLruEntry
CertDeleteCertificateFromStore
CertEnumCRLsInStore
CryptDecryptMessage
I_CertUpdateStore
CryptRegisterDefaultOIDFunction
CryptMsgCountersignEncoded
CryptUnregisterDefaultOIDFunction

Sections

.V
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.KgkD
Size: 3KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RvQtbr
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.u
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.m
Size: 2KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.p
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.B
Size: 9KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GZZ
Size: 5KB - Virtual size: 469KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

520de3fb511f1d19403994cba3a7af06

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

crypt32

Sections

.V Size: 6KB - Virtual size: 6KB

.KgkD Size: 3KB - Virtual size: 269KB

.RvQtbr Size: 85KB - Virtual size: 84KB

.u Size: 13KB - Virtual size: 13KB

.m Size: 2KB - Virtual size: 21KB

.p Size: 85KB - Virtual size: 84KB

.B Size: 9KB - Virtual size: 188KB

.GZZ Size: 5KB - Virtual size: 469KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 1024B

.V
Size: 6KB - Virtual size: 6KB

.KgkD
Size: 3KB - Virtual size: 269KB

.RvQtbr
Size: 85KB - Virtual size: 84KB

.u
Size: 13KB - Virtual size: 13KB

.m
Size: 2KB - Virtual size: 21KB

.p
Size: 85KB - Virtual size: 84KB

.B
Size: 9KB - Virtual size: 188KB

.GZZ
Size: 5KB - Virtual size: 469KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 1024B